EU-wide interoperability of electronic identities
When is this action of interest to you?
You are a public administration from one of the countries participating in STORK. You want to enable your citizens to use their national electronic identities (eIDs) to gain access to European Commission information systems.
For the European Commission, ECAS-STORK integration is providing a high level of assurance regarding the identity of citizens and furthering EU-wide interoperability of eIDs.
What is this action about?
STORK (Secure idenTity acrOss boRders linKed) is a project co-funded by the EU that aims to implement EU-wide interoperability of electronic identities (eIDs).
While eID is used in important applications in the areas of eGovernment across the EU, it is also of considerable value for secure access to the European Union’s own information systems which have their own authentication system known as ECAS (European Commission Authentication Service).
The goal of ISA’s ECAS-STORK integration action is to develop a secure and user-friendly solution that will allow users to access EU information systems, using their national eID solutions and procedures to authenticate.
The integration will reduce the number of credentials a user has to rely on. At the same time it will enhance security, since national eID solutions are normally based on credentials that are stronger than just a login name and password. The system will also have to cater for users who are not eligible to use STORK.
It is intended to also make the integrated system available to other European Union institutions and bodies. ECAS will, for example, be used for the European e-Justice Portal, which operates in 22 languages.
What are the objectives?
To enable access to European Union information systems using the user's national eID solution with minimal impact on the information systems themselves.
What are the benefits?
- minimise or eliminate the impact of integration of 250+ ECAS-enabled information systems with STORK;
- increase confidence in user identity;
- simplify development thanks to the use of a common mechanism for all information systems;
- improving and modernising images as authentication using electronic identity cards is "cooler" than with a login name and password;
- increase consistency as same credentials are used to access both national information systems and European Commission information systems;
- aligning automatically with level of security provided by the Member State itself is particularly important for an information system such as IMI where critical information is exchanged.
What are the next steps?
After achieving proven benefits and taking an increasing amount of countries on board, the ECAS-STORK integration is preparing to evolve to the next version, which will be compliant with the Electronic identification and trust services (eIDAS). The migration will take place in the upcoming months, depending on the progress under the eIDAS regulations and the eID building block of the Connecting Europe Facility.
Case Study - What’s going on in Europe?
I already had the opportunity to utilise this action’s predecessor – a proof of concept demonstrating eID login to ECAS via STORK. With the current action and the production integration using CIRCABC we experienced a seamless integration of Member States’ eIDs. This provides a user experience similar to using my eID to authenticate with a national eGovernment application. Because of this I am confident that enhancing the service for further applications will lead to secure and convenient access to all EU information system. ECAS-STORK integration has been established rather late in the STORK project but quickly became its biggest pilot in terms of countries which formally joined (15). This enthusiasm shows the high expectations from Member States regarding the action.
ECAS-STORK provides secure, multifactor access to services by using existing Member State eID infrastructures. This is both efficient and convenient as users can employ the eID tokens they already have and are used to. Thus, it leverages the security of ECAS access whilst incurring no additional component costs and users don’t have to adapt to a new unknown authentication technology.
Did you face any challenges regarding interoperability?If yes, how did you address them?
Thanks to both the STORK experience from other pilots and the ECAS preparation, no significant interoperability challenges were experienced.
Have you reused existing software/tools/building blocks? If yes, which ones?
The STORK infrastructure has been reused.
Any recommendations for other Public administrations that would like to implement your measure?
By using STORK common components, linking national eIDs to ECAS has proven to be a straightforward task.
Organisation: E-Government Innovation Center, Graz University of Technology
Contact: Herbert Leitold